// Copyright 2015 The LUCI Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package types

import (
	"crypto/rand"
	"fmt"
)

const (
	// PrefixSecretLength is the size, in bytes, of the stream secret.
	//
	// This value was chosen such that it is:
	// - Sufficiently large to avoid collisions.
	// - Can be expressed as a Base64 string without ugly padding.
	PrefixSecretLength = 36

	// OpNonceLength is the exact length that an OpNonce must be, if supplied.
	OpNonceLength = 32
)

// PrefixSecret is the prefix secret value. It is used to assert ownership of
// a prefix space.
//
// The Prefix secret is generated by the Coordinator at prefix registration,
// and is included by the Butler to prove that it is the entity that registered
// the stream. The secret is asserted by microservices and the Coordinator
// during Butler-initiated stream operations.
type PrefixSecret []byte

// NewPrefixSecret generates a new, default-length secret parameter.
func NewPrefixSecret() (PrefixSecret, error) {
	buf := make([]byte, PrefixSecretLength)
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}

	value := PrefixSecret(buf)
	if err := value.Validate(); err != nil {
		panic(err)
	}
	return value, nil
}

// Validate confirms that this prefix secret is conformant.
//
// Note that this does not scan the byte contents of the secret for any
// security-related parameters.
func (s PrefixSecret) Validate() error {
	if len(s) != PrefixSecretLength {
		return fmt.Errorf("invalid prefix secret length (%d != %d)", len(s), PrefixSecretLength)
	}
	return nil
}
